From e368df4e10f5231d22206cb4722d46b534785294 Mon Sep 17 00:00:00 2001
From: Eugene Burmakin
Date: Wed, 26 Feb 2025 22:08:12 +0100
Subject: [PATCH] Add JWT authentication to the Manager app
---
Gemfile | 1 +
Gemfile.lock | 3 +++
app/models/user.rb | 14 ++++++++++++++
app/views/settings/subscriptions/index.html.erb | 4 ++--
4 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/Gemfile b/Gemfile
index 4ed5dad3..67caa28c 100644
--- a/Gemfile
+++ b/Gemfile
@@ -37,6 +37,7 @@ gem 'strong_migrations'
gem 'tailwindcss-rails'
gem 'turbo-rails'
gem 'tzinfo-data', platforms: %i[mingw mswin x64_mingw jruby]
+gem 'jwt'
group :development, :test do
gem 'debug', platforms: %i[mri mingw x64_mingw]
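Review bot: `gem 'jwt'` is added with no version constraint and is appended after `tzinfo-data`, whereas the neighbouring entries in this hunk appear to be kept in alphabetical order; pin it to the line the lockfile resolved and move it into order, e.g. `gem 'jwt', '~> 2.10'`. The Gemfile.lock hunk resolves jwt to 2.10.1, so that constraint matches what this commit was tested against and keeps a later `bundle update` from silently pulling a major-version change into the signing path.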
diff --git a/Gemfile.lock b/Gemfile.lock
index 52c66373..c0a6c75e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -167,6 +167,8 @@ GEM
json (2.9.1)
json-schema (5.0.1)
addressable (~> 2.8)
+ jwt (2.10.1)
+ base64
kaminari (1.2.2)
activesupport (>= 4.1.0)
kaminari-actionview (= 1.2.2)
@@ -466,6 +468,7 @@ DEPENDENCIES
groupdate
httparty
importmap-rails
+ jwt
kaminari
lograge
oj
diff --git a/app/models/user.rb b/app/models/user.rb
index 2f6499d2..b4d4c778 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -99,6 +99,20 @@ class User < ApplicationRecord
end
end
+ # Generates a secure token for cross-application authentication with the subscription app
+ # @return [String] JWT token containing user identity information
+ def generate_subscription_token
+ payload = {
+ user_id: id,
+ email: email,
+ exp: 30.minutes.from_now.to_i
+ }
+
+ secret_key = ENV['JWT_SECRET_KEY']
+
+ JWT.encode(payload, secret_key, 'HS256')
+ end
+
private
def create_api_key
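Review bot: `secret_key = ENV['JWT_SECRET_KEY']` yields nil when the variable is unset, so a misconfigured deployment either fails with an unhelpful error inside `JWT.encode` or, depending on the jwt version's handling of a nil HMAC key, mints a token signed with an empty key; `secret_key = ENV.fetch('JWT_SECRET_KEY')` makes the missing secret fail at the call site instead. The payload carries no `iat`, `iss` or `aud` claim, so the receiving `/auth/dawarich` endpoint cannot tell this token apart from any other HS256 token issued with the same secret for another purpose; adding `iat: Time.current.to_i` plus an `aud` value that the subscription app checks would scope it. Because `email` is in the payload and the token is placed in a URL by the view hunk, the address travels base64-encoded wherever that URL is logged; if the subscription app can look the user up by `user_id`, consider dropping `email`. The enclosing `class User` begins and ends outside this hunk.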
diff --git a/app/views/settings/subscriptions/index.html.erb b/app/views/settings/subscriptions/index.html.erb
index 4d9104be..64080538 100644
--- a/app/views/settings/subscriptions/index.html.erb
+++ b/app/views/settings/subscriptions/index.html.erb
@@ -16,13 +16,13 @@
Your subscription will be valid for the next <%= 365 %> days and will be <%= current_user.active? ? 'renewed automatically' : 'renewed manually' %>.
- <%= link_to 'Manage subscription', '#', class: 'btn btn-primary my-4' %>
+ <%= link_to 'Manage subscription', "#{ENV['SUBSCRIPTION_URL']}/auth/dawarich?token=#{current_user.generate_subscription_token}", class: 'btn btn-primary my-4' %>
<% else %>
You are currently not subscribed to Dawarich. How about we fix that?
- <%= link_to 'Manage subscription', '#', class: 'btn btn-primary my-4' %>
+ <%= link_to 'Manage subscription', "#{ENV['SUBSCRIPTION_URL']}/auth/dawarich?token=#{current_user.generate_subscription_token}", class: 'btn btn-primary my-4' %>
<% end %>
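Review bot: Both replaced `link_to` lines embed a freshly minted bearer token in the href, so the token is written into the HTML on every render, ends up in browser history, proxy and server access logs and the `Referer` header of requests leaving the subscription page, and its 30-minute lifetime starts at render time rather than at click time. Minting on click is safer: point both links at a local controller action (route name is a placeholder, e.g. `link_to 'Manage subscription', <subscription_auth_path>, data: { turbo_method: :post }, class: 'btn btn-primary my-4'`) that calls `current_user.generate_subscription_token` and redirects to the subscription app. If the link must stay as is, `ENV['SUBSCRIPTION_URL']` should become `ENV.fetch('SUBSCRIPTION_URL')`, because an unset variable currently produces the relative href `/auth/dawarich?token=…` and sends the token back to this app. The two identical href expressions also belong in one helper so the URL format is defined once.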